Archive | Network Hacking


18 December 2014 | 6,224 views

ICANN Hacked Including Root DNS Systems

So another hack has been exposed, this time on ICANN – which is pretty bad. They are the database of the Internet basically, including the root zone system which is the highest authority for DNS requests. “The Internet Corporation for Assigned Names and Numbers (ICANN) is a non-profit organization that is responsible for the coordination […]

Continue Reading


16 December 2014 | 767 views

BlueMaho Project – Bluetooth Security Testing Suite

BlueMaho is GUI-shell (interface) for a suite of tools best used for Bluetooth security testing. It is freeware, opensource, written on python, uses wxPython. It can be used for testing BT-devices for known vulnerabilities and major thing to do – testing to find unknown vulns. Also it can form nice statistics. I did get interested […]

Continue Reading


31 October 2014 | 2,531 views

ZMap – Fast Open-Source Network Scanner

ZMap is a fast open-source network scanner designed for Internet-wide network surveys. On a typical desktop computer with a gigabit Ethernet connection, ZMap is capable scanning the entire public IPv4 address space in under 45 minutes. While previous network tools have been designed to scan small network segments, ZMap is specifically architected to scan the […]

Continue Reading


30 October 2014 | 1,785 views

Serious Linux/UNIX FTP Flaw Allows Command Execution

A lot of old bugs have been biting us on the butt lately, and here’s another to add to the list. This week it was discovered a fairly nasty FTP Flaw Allows Command Execution when using the old but still fairly widely used. tnftp client It’s a fairly unlikely set of circumstances however, and it […]

Continue Reading


16 October 2014 | 3,783 views

Everything You Need To Know About POODLE SSLv3 Vulnerability

So yah, it’s been quite a year – not long after Heartbleed and then Shellshock we now have POODLE SSLv3 vulnerability. Yes, that’s right – POODLE. It is actually an acronym this time though, yay (Padding Oracle On Downgraded Legacy). Is it a huge risk? Not really as it doesn’t allow any type of remote […]

Continue Reading


08 October 2014 | 2,757 views

IPFlood – Simple Firefox Add-on To Hide Your IP Address

IPFlood (previously IPFuck) is a Firefox add-on created to simulate the use of a proxy. It doesn’t actually change your IP address (obviously) and it doesn’t connect to a proxy either, it just changes the headers (that it can) so it appears to any web servers or software sniffing – that you are in fact […]

Continue Reading


29 September 2014 | 4,906 views

masscan – The Fastest TCP Port Scanner

masscan is the fastest TCP port scanner. It can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second. It produces results similar to nmap, the most famous port scanner. Internally, it operates more like scanrand, unicornscan, and ZMap, using asynchronous transmission. The major difference is that it’s faster than these […]

Continue Reading


03 September 2014 | 3,206 views

BurpSentintel – Vulnerability Scanning Plugin For Burp Proxy

BurpSentintel is a plugin for Burp Intercepting Proxy, to aid and ease the identification of vulnerabilities in web applications. Searching for vulnerabilities in web applications can be a tedious task. Most of the time consists of inserting magic chars into parameters, and looking for suspicious output. Sentinel tries to automate parts of this laborous task. […]

Continue Reading


15 August 2014 | 3,064 views

Hiding A Bitcoin Mining Botnet In The Cloud

This is a pretty interesting story, and an interesting use (or mis-use) of cloud resources. We’ve covered similar stuff before like the case when Yahoo! was Spreading Bitcoin Mining Botnet Malware Via Ads, and then more recently when the Pirated ‘Watch Dogs’ Game Made A Bitcoin Mining Botnet. But this time it’s not malware based, […]

Continue Reading


11 August 2014 | 3,154 views

XML Quadratic Blowup Attack Blows Up WordPress & Drupal

This was a pretty interesting piece of news for me last week as I was actually affected by it (I think?). It’s an XML Quadratic Blowup Attack that affects both WordPress and Drupal and is quite serious as rather than just crashing the software, it can take down the whole server. It didn’t completely take […]

Continue Reading